Continuous automation and integration is the name of the game, and StackHawk is purpose built to work with your preferred third-party development tools.
Some of these workflow integrations with other third-party providers of development services follow the OAuth 2.0 Authorization Framework, and can allow for StackHawk results to be shared with other third party providers. Some use a provided apikey to exchange resources between StackHawk and the third party. Other integrations require installing an add-on that handles communication between StackHawk and the third-party.
All StackHawk integrations can be managed from the integrations tab in the Web app.
These are integrations with notification, logging and messaging tools.
These are integrations with development planning and project management tools.
StackHawk Integrations are associated to the user’s organization, and can be managed in the integrations tab of the web platform. Because Integrations are assigned to the user’s organization, the user that established the integrations can leave the organization, and the assigned integrations will continue to work.
StackHawk Integrations are generally bound two-ways: an integration can be removed either via the StackHawk web platform or from the integration provider’s end. To remove an integration, go to its configuration settings, and under the danger zone settings, choose to remove the integration from the organization.
A removed integration can always be added back.
A common pattern of OAuth 2.0 integrations is a request of certain permissions or scopes you want assigned to the integration. Each Integration provider has their own definition of their scopes and what permissions each scope entails. You can see the specific permissions we request for each integration on their docs page. As part of authorizing an integration, you will be asked to verify approval of the requested scopes for your integration.
For non-OAuth 2.0 integrations, such as add-ons, the permissions are detailed by the installation of the add-on.
StackHawk and the third-party provider each reserve the right to make changes to how their services operate and how their integration operates. For the most part, changes to the integration operation will update automatically or new configuration options will be made available to support any changes.
If a change to the integration requires additional scopes, you will need to reauthorize the integration with the expanded scopes to use the updated functionality. You can still use an existing integration with its existing scopes.
StackHawk is continuously adding new tooling and integrations to improve the actionability and convenience of StackHawk and the web platform. If there is functionality you would like to see with an existing integration, or if you have a third-party tool you would like to see StackHawk integrate with, drop us a line at firstname.lastname@example.org.